Providing practical examples since 1998

Things look quiet here. But I've been doing a lot of blogging at
dan.langille.org because I prefer WordPress now.
Not all my posts there are FreeBSD related.
I am in the midst of migrating The FreeBSD Diary over to WordPress
(and you can read about that here).
Once the migration is completed, I'll move the FreeBSD posts into the
new FreeBSD Diary website.

The first warning is that each virtual server must have a different IP address or run
on a different port. See the proftpd
FAQ for more detail. And I actually have only one public IP address. So
all of my testing was with private addresses.

Adding IP aliases

My first step was to add additional IP addresses to my network cards. This is
covered by the FreeBSD FAQ.
Here's what I did:

You may think that the netmask is wrong. You might be thinking you want
255.255.255.0 but if you use that, here's the error you will get:

ifconfig: ioctl (SIOCAIFADDR): File exists

Configuring virtual servers

Here are the virtual servers I added to /usr/local/etc/proftpd.conf.
These examples were taken straight from /usr/ports/ftp/proftpd/work/proftpd-1.2.0pre8/sample-configurations/.

The
main changes are:

Turned off PAM (my box isn't new enough)

Set the server name

Set the default root.

You'll also see that the two servers have files in different places. This is the
main reasons for running virtual servers. You can have them answer to different IP
addresses (i.e. different hostnames) and present different file sets according to the
server in question.

After modifying the config file, don't forget to HUP proftpd!

killall -HUP proftpd

Here are the configuration settings:

# First virtual server
<VirtualHost 192.168.0.200>
AuthPAMAuthoritative off
ServerName "This is the Virtual Server 192.168.0.200"
DefaultRoot /pub/ftp.192.168.0.200
MaxClients 10
# Next, create a "guest" account (which could be used
# by a customer to allow private access to their web site, etc)
<Anonymous /pub/ftp.192.168.0.200>
User ftp
Group ftp
# ### We want clients to be able to login with "anonymous"
# ### as well as "ftp"
UserAlias anonymous ftp
### It is wise when making an 'ftp' user that you either block its
### ability to login either via /etc/login.access or my giving it
### an invalid shell.
### Uncomment this if the 'ftp' user you made has an invalid shell
RequireValidShell off
### We want 'welcome.msg' displayed at login, and '.message'
### displayed in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
AnonRequirePassword on
<Limit LOGIN>
AllowAll
</Limit>
# A private directory that we don't want the user getting in to.
<Directory logs>
<Limit READ WRITE DIRS>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>
# Second virtual server
<VirtualHost 192.168.0.201>
AuthPAMAuthoritative off
ServerName "This is the Virtual Server 192.168.0.201"
DefaultRoot /pub/ftp.192.168.0.201
MaxClients 10
# Next, create a "guest" account (which could be used
# by a customer to allow private access to their web site, etc)
<Anonymous /pub/ftp.192.168.0.201>
User ftp
Group ftp
# ### We want clients to be able to login with "anonymous" as
# ### well as "ftp"
UserAlias anonymous ftp
### It is wise when making an 'ftp' user that you either block its
### ability to login either via /etc/login.access or my giving it
### an invalid shell.
### Uncomment this if the 'ftp' user you made has an invalid shell
RequireValidShell off
### We want 'welcome.msg' displayed at login, and '.message'
### displayed in each newly chdired directory.
DisplayLogin welcome.msg
DisplayFirstChdir .message
AnonRequirePassword on
<Limit LOGIN>
AllowAll
</Limit>
# A private directory that we don't want the user getting in to.
<Directory logs>
<Limit READ WRITE DIRS>
DenyAll
</Limit>
</Directory>
</Anonymous>
</VirtualHost>

Testing

If you check my NIC, you'll see they are listening on more than one IP: